[SSSD] [PATCH] AD: autorid compatibility should recommend the use of, default domain

Fri, 21 Sep 2012 07:19:54 -0700 

Previously, we were failing to start if ldap_idmap_autorid_compat
was True but the default domain SID was unspecified. This is the
recommended configuration, but it is functional without it. There
is just a slight risk that the IDs will be inconsistent between
machines if the first user requested is not from the default
domain.

Fixes https://fedorahosted.org/sssd/ticket/1530

>From 053db789ab6cd825bc40a8b06b07cad0ab1eb732 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgall...@redhat.com>
Date: Fri, 21 Sep 2012 10:06:47 -0400
Subject: [PATCH] AD: autorid compatibility should recommend the use of
 default domain

Previously, we were failing to start if ldap_idmap_autorid_compat
was True but the default domain SID was unspecified. This is the
recommended configuration, but it is functional without it. There
is just a slight risk that the IDs will be inconsistent between
machines if the first user requested is not from the default
domain.

https://fedorahosted.org/sssd/ticket/1530
---
 src/providers/ldap/sdap_idmap.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/providers/ldap/sdap_idmap.c b/src/providers/ldap/sdap_idmap.c
index b41958bbeb193d54472ac5a026d46284176ae1fa..2ebb049392a096905fe5ae9c935800f128e2851c 100644
--- a/src/providers/ldap/sdap_idmap.c
+++ b/src/providers/ldap/sdap_idmap.c
@@ -157,11 +157,11 @@ sdap_idmap_init(TALLOC_CTX *mem_ctx,
         } else {
             if (dp_opt_get_bool(idmap_ctx->id_ctx->opts->basic, SDAP_IDMAP_AUTORID_COMPAT)) {
                 /* In autorid compatibility mode, we MUST have a slice 0 */
-                DEBUG(SSSDBG_FATAL_FAILURE,
-                      ("Autorid compatibility mode selected, but %s is not set\n",
+                DEBUG(SSSDBG_CRIT_FAILURE,
+                      ("WARNING: Autorid compatibility mode selected, "
+                       "but %s is not set. UID/GID values may change "
+                       "between restarts.\n",
                        idmap_ctx->id_ctx->opts->basic[SDAP_IDMAP_DEFAULT_DOMAIN_SID].opt_name));
-                ret = EINVAL;
-                goto done;
             }
             /* Otherwise, we'll just fall back to hash values as they are seen */
         }
-- 
1.7.12


_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel

Reply via email to